[SECURITY] Linux: extracting a symlink with ACLs modifies ACLs of target #1565
Comments
Can Red Hat assign a CVE for this security issue? Or was one already requested from MITRE?
dongsupark added a commit to flatcar-archive/portage-stable that referenced this issue on Dec 9, 2021:
Update app-arch/libarchive to 3.5.2, to mainly address security issues like libarchive/libarchive#1565, libarchive/libarchive#1566.
ping @mmatuska
Looks like CVE-2021-23177 was assigned for this issue.
antekone pushed a commit to antekone/libarchive that referenced this issue on Feb 6, 2022:
On Linux ACLs on symbolic links are not supported. We must avoid calling acl_set_file() on symbolic links as their targets are modified instead. While here, do not try to set default ACLs on non-directories. Fixes libarchive#1565
When an archive entry contains a symbolic link that has ACLs defined on Linux, the ACLs of the link target are modified on extraction. This is because the function acl_set_file() is used without first checking whether the file is a symbolic link.
FreeBSD and macOS use acl_set_link_np(), which does not follow symbolic links.
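The pre-check that the fix commit describes, written out as an added example (this is not libarchive's code): the entry is inspected with lstat() rather than stat() so a symbolic link is examined itself, symlinks are skipped entirely because acl_set_file() on Linux would follow them and rewrite the target's ACL, and default ACLs are skipped on anything that is not a directory. The real acl_set_file() call is left as a comment so the program builds without libacl; acl_target_ok, run_fixture and the acl_kind enum are names chosen here, and the temp-directory fixture (a regular file, a subdirectory and a symlink to the file) is constructed for the demonstration.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/stat.h>
#include <sys/types.h>

/* The two POSIX.1e ACL kinds the issue talks about (hypothetical enum, not libacl's). */
enum acl_kind { ACL_KIND_ACCESS = 1, ACL_KIND_DEFAULT = 2 };

/*
 * Decide whether acl_set_file() may be called on `path` for this ACL kind.
 * Returns 1 if yes, 0 if the entry must be skipped, -1 if lstat() failed.
 *
 * lstat() is used so that a symbolic link is examined itself. On Linux
 * acl_set_file() follows symlinks, so calling it on a link would change the
 * ACL of whatever the link points to, which is the bug in this issue.
 * Default ACLs are only meaningful on directories, so they are skipped too.
 */
int acl_target_ok(const char *path, enum acl_kind kind)
{
    struct stat st;

    if (lstat(path, &st) != 0)
        return -1;
    if (S_ISLNK(st.st_mode))
        return 0;   /* never call acl_set_file() on a symlink */
    if (kind == ACL_KIND_DEFAULT && !S_ISDIR(st.st_mode))
        return 0;   /* default ACLs exist only on directories */
    return 1;       /* safe: acl_set_file(path, type, acl) would go here */
}

/*
 * Constructed fixture under a fresh temp directory: a regular file, a
 * subdirectory, and a symlink to the file. Records acl_target_ok() for the
 * cases an extractor meets, then removes everything. Returns 0 on success.
 *   out[0] access ACL on the regular file  -> 1
 *   out[1] access ACL on the symlink       -> 0 (would have hit the target)
 *   out[2] default ACL on the directory    -> 1
 *   out[3] default ACL on the regular file -> 0
 *   out[4] access ACL on the directory     -> 1
 */
int run_fixture(int out[5])
{
    char dir[] = "/tmp/aclsym-XXXXXX";
    char file[64], link[64], sub[64];
    int fd;

    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(file, sizeof file, "%s/target", dir);
    snprintf(link, sizeof link, "%s/link", dir);
    snprintf(sub, sizeof sub, "%s/subdir", dir);

    fd = open(file, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0 || close(fd) != 0 || mkdir(sub, 0700) != 0 ||
        symlink("target", link) != 0) {
        /* best-effort cleanup on failure */
        unlink(link); unlink(file); rmdir(sub); rmdir(dir);
        return -1;
    }

    out[0] = acl_target_ok(file, ACL_KIND_ACCESS);
    out[1] = acl_target_ok(link, ACL_KIND_ACCESS);
    out[2] = acl_target_ok(sub,  ACL_KIND_DEFAULT);
    out[3] = acl_target_ok(file, ACL_KIND_DEFAULT);
    out[4] = acl_target_ok(sub,  ACL_KIND_ACCESS);

    unlink(link);
    unlink(file);
    rmdir(sub);
    rmdir(dir);
    return 0;
}

int main(void)
{
    static const char *label[5] = {
        "access ACL on regular file", "access ACL on symlink",
        "default ACL on directory", "default ACL on regular file",
        "access ACL on directory",
    };
    int out[5], i;

    if (run_fixture(out) != 0) {
        perror("fixture");
        return 1;
    }
    for (i = 0; i < 5; i++)
        printf("%-28s -> %s\n", label[i], out[i] == 1 ? "set ACL" : "skip");
    return 0;
}
```

The order of the two tests matters: the symlink check must come before any S_ISDIR() decision, because a stat()-based check would report the type of the link's target and a symlink to a directory would then receive a default ACL on the wrong object.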